GDPR Art. 22 vendors for Insurance

Vendors that support GDPR Article 22 — Automated Individual Decision-Making and explicitly serve insurance customers. Listings verified April 28, 2026.

Vendor	HQ	Founded	Size	Pricing	Last verified
BigID	New York, USA	2016	500-1000	Contact for pricing	Apr 26, 2026
Naaia	Louveciennes, FR	2021	11-50	No public pricing tiers; demo and quote requested via website.	Apr 27, 2026

About GDPR Art. 22

Article 22 of the EU General Data Protection Regulation gives data subjects the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal effects concerning them or similarly significantly affects them. The right applies across the EU and EEA and has been in force since May 25, 2018. The European Data Protection Board's Guidelines 1/2024 (adopted December 2024) clarify the scope, including how it applies to large language models and recommender systems. The CJEU's SCHUFA ruling (Case C‑634/21, December 2023) confirmed that automated credit scoring constitutes a "decision" under Article 22 where the score effectively determines whether a loan or contract is granted. Enforcement is by national Data Protection Authorities; penalties for Article 22 violations fall under the GDPR's higher tier — up to €20 million or 4% of worldwide annual turnover.

Read framework guide →

About Insurance

Life, health, and P&C insurers deploying AI in underwriting, claims, and fraud. NAIC Model Bulletin, Colorado SB 169 (life insurance), and New York Circular Letter 7 set sector baselines.

See all insurance vendors →